Fedora Account System
Red Hat Associate
Red Hat Customer
Heap memory leak in tslib 1.22 allows context-dependent attackers to leak heap chunk address via deleting tslib configuration file If the /usr/local/etc/ts.conf configuration file does not exist, a UAF vulnerability can occur and the library heap memory address can be leaked.
Created tslib tracking bugs for this issue: Affects: epel-all [bug 2158288] Affects: fedora-all [bug 2158287]
Is there any additional information here? There is no upstream issue or CVE... is this the issue: https://github.com/libts/tslib/commit/7ee93a73103b76dca7b635bb2cb2018fbe98c175